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DETAILED ACTION 
Appeal Re-Open 

1 . In view of the appeal brief filed on 01/08/2007, PROSECUTION IS HEREBY 
REOPENED. New grounds of rejection are set forth below. 

To avoid abandonment of the application, appellant must exercise one of the 
following two options: 

(1 ) file a reply under 37 CFR 1.111 (if this Office action is non-final) or a reply 
under 37 CFR 1.113 (If this Office action is final); or, 

(2) initiate a new appeal by filing a notice of appeal under 37 CFR 41 .31 followed 
by an appeal brief under 37 CFR 41 .37. The previously paid notice of appeal fee and 
appeal brief fee can be applied to the new appeal. If, however, the appeal fees set forth 
in 37 CFR 41 .20 have been Increased since they were previously paid, then appellant 
must pay the difference between the increased fees and the amount previously paid. 

A Supervisory Patent Examiner (SPE) has approved of reopening prosecution by 
signing below: 

/Nasser G MoazzamI/ 

Supervisory Patent Examiner, Art Unit 2436. 

Response to Remarks/Arguments 

2. Applicant's arguments, with respect to the rejection of the claims have been fully 
considered but they are moot under new grounds for rejection. 
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Claim Rejections - 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not Identically disclosed or described as set 
forth In section 102 of this title, if the differences between the subject matter sought to be patented and 
the phor art are such that the subject matter as a whole would have been obvious at the time the 
Invention was made to a person having ordinary sl<ill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 1-10. 15-21. 27-29 and 30-33 are rejected under 35 U.S.C. 103(a) as 

being disclosed by Colev at al. (US Patent No. 5,826,014 hereinafter Coley) in 
view of Malkin et al. (US Patent No. 6,061,650 hereinafter Malkin). 

Regarding claims 1 . Colev , discloses a method for blocking an attack on a 
private network implemented by a routing device interconnecting the private 
network to a public network, comprising: 

• receiving a request for connection from an initiator, over the public 
network (7:16-19 - "a user operating a host machine 200 who attempts to 
access the internal network 214 via the public network 202 must go 
through the firewall"); 

• requesting an acknowledgment from the initiator of the request (7:41-59 - 
"firewall 210 application assess the characteristics of an incoming request 
and assigns an appropriate proxy agent tailored to the particular protocol 
and verification requirements of that incoming access request."). 
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Coley is silent in determining wliether tine acl<nowledgment lias been 
received witliin a predetermined amount of time and denying tine request if 
the acl<nowledgment is not received witliin tine predetermined amount of 
time, however Malkin does provide such a disclosure (5:21-27 - "In step 
234, after sending the tunnel registration request, the RAS sets a 
retransmit time and expects a registration reply from the gateway within a 
predetermined period of time. The RAS will retransmit the request if a 
response is not received within the predetermined period of time. After a 
predetermined number of unsuccessful attempts, the RAS will terminate 
the PPP connection with the remote node"). 

It would have been obvious for one of ordinary skill in the art, at the time of 
the invention, to have been motivated to modify the disclosure of Coley 
with that of Malkin because both disclosures are directed towards network 
security, particularly within a remote access network. Malkin provides 
motivation for this combination in the recitation, to implement the mobile 
routing protocols, additional software needs to be loaded onto the remote 
node to enable the node to communication with its original network without 
having to change its network address. As a result, a user is burdened with 
installing the mobile protocol software on their computer system and 
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testing it to be sure it operates properly. The need described here lends 
reason to combine these two references. 

Regarding claim 2 . Colev . discloses the method of claim 1 , wherein the public 
network is the Internet (Figure 2 element 202). 

Regarding claim 3 . Colev . discloses the method of claim 2, wherein the routing 
device is a firewall providing access to the Internet (Figure 2 element 210). 

Regarding claim 4 . Colev . discloses the method of claim 1 , further comprising 
processing the request if the acknowledgement is received (10:36-40 - "after a 
proxy successfully completes its set of one or more verification tests, the proxy 
agent initiates a connection request to the destination machine (and port) on 
behalf of the incoming access request."). 

Regarding claim 5 . Colev . discloses the method of claim 1 , further comprising 
adding an IP address of the initiator to a cache of IP addresses if the 
acknowledgement is not received (9:32-45 - "Source address verification can be 
based on a check of the validity of on or more specific addresses, or, on a range 
of address values (e.g., the first octet has a value of between zero and 100). 
Such a check involves a determination of whether a host source address of an 
incoming packet comports with a list of authorized or unauthorized addresses, or 
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is witliin a designated range. If the source address is not on the list, the packet is 
discarded. Referring back to FIG. 3, in the event that the external user 300 
attempts to contact a network element behind the firewall 318, the proxy agent 
can check the source address of the host computer 302. If the proxy agent 
determines that the host computer 302 does not have an authorized address, the 
request originating from the host computer 302 is discarded."). 

Regarding claim 6 . Colev . discloses the method of claim 5, further comprising 
denying access through the routing device to any IP address on the cache of IP 
addresses (1 1 :40-46 - "In the present exemplary scenario the access request 
message is further analyzed to determine whether the access request is being 
received during an authorized time period, such as a time of day (step 418). If the 
time of day during which the access request Is received is not authorized, the 
connection request is denied (step 420). The time of day assessment can be 
tailored for specified users, source host machines, and/or IP addresses."). 

Regarding claim 7 . Colev , discloses the method of claim 1 , further comprising 
storing Information about the Initiator on a system log for analysis by the system 
administrator (1 1 :47-50 - "A proxy agent also can assess whether user or 
user/password information is necessary to gain access (step 422). If not, the 
proxy agent can initiate the connection (step 424). If the information is required, 
the proxy agent prompts the user with an appropriately formatted message to 
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enter a username and/or password information (step 426)."). 

Regarding claim 8 . Colev . discloses the method of claim 1 , further comprising 
storing information about the request for connection on a system log for analysis 
by the system administrator (1 1 :7-20 - " Because the access request seeks to 
access a destination address residing behind the firewall 318, the access request 
message is presented to the firewall 318 (step 404). In accordance with an 
exemplary embodiment, a proxy agent running on the firewall 318 is assigned to 
the access request In accordance with a preliminary analysis of the port number 
designation within the packet representing the access request (step 406). In this 
case, port number 80 (HTTP) would ordinarily be designated in the request. The 
assessment also can involve a determination of whether the service indicated by 
the port number comports with the contents of the request (step 408)."). 

Regarding claim 9 . Colev . is silent in disclosing determining if a prior request for 
an acknowledgement has been sent to an IP address associated with the initiator 
and been unacknowledged within a predetermined amount of time, If the 
acknowledgement Is not received, however Malkin does provide such a 
disclosure (5:21-27 - "In step 234, after sending the tunnel registration request, 
the RAS sets a retransmit time and expects a registration reply from the gateway 
within a predetermined period of time. The RAS will retransmit the request if a 
response is not received within the predetermined period of time. After a 
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predetermined number of unsuccessful attempts, tlie RAS will terminate the PPP 
connection with the remote node"). 

It would have been obvious for one of ordinary skill in the art, at the time of 
the invention, to have been motivated to modify the disclosure of Coley 
with that of Malkin because both disclosures are directed towards network 
security, particularly within a remote access network. Malkin provides 
motivation for this combination in the recitation, to implement the mobile 
routing protocols, additional software needs to be loaded onto the remote 
node to enable the node to communication with its original network without 
having to change its network address. As a result, a user is burdened with 
installing the mobile protocol software on their computer system and 
testing it to be sure it operates properly. The need described here lends 
reason to combine these two references. 

Regarding claim 10 . Colev . discloses the method of claim 1 , further comprising 
using diagnostic tools to determine additional information about a source of the 
request for connection (8:1-9 - "the source address of an access request can be 
investigated to determine whether the request is suspect or credible. An 
inherently reliable request may require only a minimum of verification before 
being connected. While a suspect request may require enhanced verification. 
Access request verification can include analysis of: source host machine and 
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source user information; destination host machine and destination user 
information; and/or time of day analysis."). 



Regarding claim 15 . Colev . discloses a method for blocking an attack on a 
private network implemented by a routing device interconnecting the private 
network to a public network, comprising: 

• receiving an incoming data packet from the public network (7:16-1 9 - "a 
user operating a host machine 200 who attempts to access the internal 
network 214 via the public network 202 must go through the firewall"); 

• comparing a source address of the data packet against known internal 
addresses of the private network (9:6-19 and 32-46 - "investigation of a 
source address (i.e., the host machine from which the access inquiry 
originated) of the access request. This permits the proxy agent to make an 
initial assessment of the authenticity of the request ... Once the source is 
determined, the proxy agent can run an appropriate combination of 
verification checks suited to the integrity of the request as indicated by its 
source"); 

• determining if the source address matches a known internal address (9:6- 
19 and 32-46 - "investigation of a source address (i.e., the host machine 
from which the access inquiry originated) of the access request. This 
permits the proxy agent to make an initial assessment of the authenticity 
of the request ... Once the source is determined, the proxy agent can run 
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an appropriate combination of verification cliecks suited to the integrity of 
the request as indicated by its source") 



Coley does however disclose: 

■ dropping the data pacl<et (9:39 - "If there is a discrepancy, the 
request is denied"); 

■ analyzing a header of the data packet (9:3-8 - "investigation of a 
source address (i.e., the host machine from which the access 
inquiry originated) of the access request. This permits the proxy 
agent to make an initial assessment of the authenticity of the 
request"); 

■ determining information regarding a history of the packet (8:5-1 6 - 
"source address of an access request can be Investigated to 
determine whether the request is suspect or credible ... Access 
request verification can include analysis of: source host machine 
and source user information; destination host machine and 
destination user Information; and/or time of day analysis"); 

■ determining a real source of the data packet using the Information 
regarding the history of the packet (8:5-16 - "source address of an 
access request can be investigated to determine whether the 
request is suspect or credible ... Access request verification can 
include analysis of: source host machine and source user 
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information; destination liost machine and destination user 
information; and/or time of day analysis"); and 
■ refusing to process any additional data packets received from the 
real source of the data packet (9:6-1 9 and 32-46 - "If there is a 
discrepancy, the request is denied"). 

Regarding claim 16 . Colev . discloses the method of claim 15, further comprising 
storing data about the data packet on a system log, for use and analysis by a 
system administrator (Rejected under the same rational as claim 7). 

Regarding claim 17 . Colev . discloses the method of claim 15, wherein the public 
network is the Internet (Rejected under the same rational as claim 2). 

Regarding claim 18 . Colev . discloses the method of claim 17, wherein the routing 
device is a firewall providing access to the Internet (Rejected under the same 
rational as claim 3). 

Regarding claim 19 , Colev . discloses the method of claim 15, further comprising 
forwarding the data packet to the private network if there is not a match 
(Rejected under the same rational as claim 6). 



Application/Control Number: 10/808,629 Page 12 

Art Unit: 2136 

Regarding claim 20 . Colev . discloses the method of claim 15, further comprising 
adding an IP address of the data packet to a cache of IP addresses if there is a 
match (Rejected under the same rational as claim 6). 

Regarding claim 21 . Colev . discloses the method of claim 20, further comprising 
denying access through the routing device to any IP address on the cache of IP 
addresses (Rejected under the same rational as claim 6). 

Regarding claim 27, Colev. discloses the method for blocking an attack on a 
private network implemented by a routing device interconnecting the private 
network to a public network, comprising: 

• receiving a request for connection from an initiator, over the public 
network (7:16-19 - "a user operating a host machine 200 who attempts to 
access the internal network 214 via the public network 202 must go 
through the firewall"); 

• requesting an acknowledgment from the initiator of the request (7:41-59 - 
"firewall 210 application assess the characteristics of an incoming request 
and assigns an appropriate proxy agent tailored to the particular protocol 
and verification requirements of that incoming access request."); 

• comparing a source address of the request for connection with known 
internal addresses of the private network (9:32-46); 
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• determining if tlie source address matciies a known internal address 
(9:32-46); and refusing to process the request for connection if there is a 
match (9:32-46). 

Coley is silent in determining whether the acknowledgment has been 
received within a predetermined amount of time and denying the request if 
the acknowledgment is not received within the predetermined amount of 
time, however Malkin does provide such a disclosure (5:21-27 - "In step 
234, after sending the tunnel registration request, the RAS sets a 
retransmit time and expects a registration reply from the gateway within a 
predetermined period of time. The RAS will retransmit the request if a 
response is not received within the predetermined period of time. After a 
predetermined number of unsuccessful attempts, the RAS will terminate 
the PPP connection with the remote node"). 

It would have been obvious for one of ordinary skill in the art, at the time of 
the invention, to have been motivated to modify the disclosure of Coley 
with that of Malkin because both disclosures are directed towards network 
security, particularly within a remote access network. Malkin provides 
motivation for this combination in the recitation, to implement the mobile 
routing protocols, additional software needs to be loaded onto the remote 
node to enable the node to communication with its original network without 
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having to change its networl^ address. As a result, a user is burdened with 
installing the mobile protocol software on their computer system and 
testing it to be sure it operates properly. The need described here lends 
reason to combine these two references. 

Regarding claim 28, Colev. discloses system for blocking an attack on a private 
network, comprising: a routing device being operable to interconnect a private 
network to a public network, the routing device being further operable to: receive 
a request for connection from an initiator, over the public network (7:16-19 - "a 
user operating a host machine 200 who attempts to access the internal network 
214 via the public network 202 must go through the firewall"); request an 
acknowledgment from the initiator of the request (7:41-59 - "firewall 210 
application assess the characteristics of an incoming request and assigns an 
appropriate proxy agent tailored to the particular protocol and verification 
requirements of that incoming access request."). 

Coley is silent in determining whether the acknowledgment has been 
received within a predetermined amount of time and denying the request if 
the acknowledgment is not received within the predetermined amount of 
time, however Malkin does provide such a disclosure (5:21-27 - "In step 
234, after sending the tunnel registration request, the RAS sets a 
retransmit time and expects a registration reply from the gateway within a 
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predetermined period of time. Tine RAS will retransmit the request if a 
response is not received within the predetermined period of time. After a 
predetermined number of unsuccessful attempts, the RAS will terminate 
the PPP connection with the remote node"). 

It would have been obvious for one of ordinary skill in the art, at the time of 
the invention, to have been motivated to modify the disclosure of Coley 
with that of Malkin because both disclosures are directed towards network 
security, particularly within a remote access network. Malkin provides 
motivation for this combination in the recitation, to implement the mobile 
routing protocols, additional software needs to be loaded onto the remote 
node to enable the node to communication with its original network without 
having to change its network address. As a result, a user is burdened with 
installing the mobile protocol software on their computer system and 
testing it to be sure it operates properly. The need described here lends 
reason to combine these two references. 

Regarding claim 29, Colev. discloses system for blocking an attack on a private 

network, comprising: 

• a routing device being operable to interconnect the private network and a 
public network, the routing device being further operable to: receive an 
incoming data packet from the public network (7:16-19 - "a user operating 



Application/Control Number: 10/808,629 Page 16 

Art Unit: 2136 

a host machine 200 who attempts to access the internal network 214 via 
the public network 202 must go through the firewall"); 

• compare a source address of the data packet against known internal 
addresses of the private network (9:6-19 and 32-46); 

• determine if the source address matches a known internal address (9:6-19 
and 32-46); and if there is a match: drop the data packet (9:39); 

• analyze a header of the data packet (9:3-8); 

• determine information regarding a history of the packet (8:5-1 6); 

• determine a real source of the data packet using the information regarding 
the history of the packet (8:5-16); and 

• refuse to process any additional data packets received from the real 
source of the data packet (9:6-19 and 32-46). 

Regarding claim 30 , Colev . discloses a system for blocking an attack on a private 
network, comprising: 

• means for interconnecting a private network to a public network (7:16-1 9 - 
"a user operating a host machine 200 who attempts to access the internal 
network 214 via the public network 202 must go through the firewall"); 

• means for receiving a request for connection from an initiator, over the 
public network (7:41-59 - "firewall 210 application assess the 
characteristics of an incoming request and assigns an appropriate proxy 
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agent tailored to tlie particular protocol and verification requirements of 
that incoming access request."); 
• means for requesting an acknowledgment from the initiator of the request 
(7:41-59 - "firewall 210 application assess the characteristics of an 
Incoming request and assigns an appropriate proxy agent tailored to the 
particular protocol and verification requirements of that incoming access 
request."); 

Coley is silent in determining whether the acknowledgment has been 
received within a predetermined amount of time and means for denying 
the request if the acknowledgment is not received within the 
predetermined amount of time, however Malkin does provide such a 
disclosure (5:21-27 - "In step 234, after sending the tunnel registration 
request, the RAS sets a retransmit time and expects a registration reply 
from the gateway within a predetermined period of time. The RAS will 
retransmit the request if a response is not received within the 
predetermined period of time. After a predetermined number of 
unsuccessful attempts, the RAS will terminate the PPP connection with 
the remote node"). 

It would have been obvious for one of ordinary skill in the art, at the time of 
the invention, to have been motivated to modify the disclosure of Coley 
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with tliat of IVIall<in because botli disclosures are directed towards network 
security, particularly within a remote access network. Malkin provides 
motivation for this combination in the recitation, to implement the mobile 
routing protocols, additional software needs to be loaded onto the remote 
node to enable the node to communication with its original network without 
having to change its network address. As a result, a user is burdened with 
installing the mobile protocol software on their computer system and 
testing it to be sure it operates properly. The need described here lends 
reason to combine these two references. 

Regarding claim 31 . Colev . discloses a system for blocking an attack on a private 
network, comprising: 

• means for interconnecting the private network and a public network (7:16- 
19 - "a user operating a host machine 200 who attempts to access the 
internal network 214 via the public network 202 must go through the 
firewall"); 

• means for receiving an incoming data packet from the public network; 
means for comparing a source address of the data packet against known 
internal addresses of the private network (7:41-59 - "firewall 210 
application assess the characteristics of an incoming request and assigns 
an appropriate proxy agent tailored to the particular protocol and 
verification requirements of that incoming access request."); 
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• means for determining if tlie source address matclies a known internal 
address (9:6-19 and 32-46); 

and if there is a matcli: 

• means for dropping tine data pacl<et (9:39 - "If tliere is a discrepancy, tine 
request Is denied"); 

• analyzing a header of the data pacl<et (9:39); 

• determining information regarding a history of the pacl<et (8:5-16); 

• determining a real source of the data packet using the information 
regarding the history of the packet (8:5-16); and 

• refusing to process any additional data packets received from the real 
source of the data packet (9:6-19 and 32-46) 

Regarding claim 32 . Colev . discloses a software embodied in a computer- 
readable medium, the computer-readable medium comprising code operable to: 

• interconnect a private network to a public network (7:1 6-1 9 - "a user 
operating a host machine 200 who attempts to access the internal network 
214 via the public network 202 must go through the firewall"); 

• receive a request for connection from an initiator, over the public network; 
request an acknowledgment from the initiator of the request (7:41-59 - 
"firewall 210 application assess the characteristics of an incoming request 
and assigns an appropriate proxy agent tailored to the particular protocol 
and verification requirements of that incoming access request."). 



Application/Control Number: 10/808,629 
Art Unit: 2136 



Page 20 



Coley is silent in determining wliether tine acl<nowledgment lias been 
received witliin a predetermined amount of time and denying tine request if 
the acl<nowledgment is not received witliin tine predetermined amount of 
time, however Malkin does provide such a disclosure (5:21-27 - "In step 
234, after sending the tunnel registration request, the RAS sets a 
retransmit time and expects a registration reply from the gateway within a 
predetermined period of time. The RAS will retransmit the request if a 
response is not received within the predetermined period of time. After a 
predetermined number of unsuccessful attempts, the RAS will terminate 
the PPP connection with the remote node"). 

It would have been obvious for one of ordinary skill in the art, at the time of the 
invention, to have been motivated to modify the disclosure of Coley with that of 
Malkin because both disclosures are directed towards network security, 
particularly within a remote access network. Malkin provides motivation for this 
combination in the recitation, to implement the mobile routing protocols, 
additional software needs to be loaded onto the remote node to enable the node 
to communication with its original network without having to change its network 
address. As a result, a user is burdened with installing the mobile protocol 
software on their computer system and testing it to be sure it operates properly. 
The need described here lends reason to combine these two references. 
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Regarding claim 33 . Colev , discloses a Software embodied in a computer- 
readable medium, the computer-readable medium comprising code operable to: 

• receive an incoming data packet from the public network (7:16-19 - "a 
user operating a host machine 200 who attempts to access the internal 
network 214 via the public network 202 must go through the firewall"); 

• compare a source address of the data packet against known internal 
addresses of the private network (9:6-19 and 32-46); 

• determine if the source address matches a known internal address (9:6-19 
and 32-46); 

and if there is a match: 

• drop the data packet (9:39); analyze a header of the data packet (9:3-8); 

• determine information regarding a history of the packet (8:5-1 6); 

• determine a real source of the data packet using the information regarding 
the history of the packet (8:5-16); and 

• refuse to process any additional data packets received from the real 
source of the data packet (9:6-19 and 32-46). 



4. 



Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 
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(a) A patent may not be obtained though the invention is not identically disclosed or 
described as set forth in section 102 of this title, if the differences between the subject 
matter sought to be patented and the prior art are such that the subject matter as a whole 
would have been obvious at the time the invention was made to a person having ordinary 
skill in the art to which said subject matter pertains. Patentability shall not be negatived 
by the manner in which the invention was made. 

Claims 11-14 and 2-26 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Colev (US Patent No. 6,061,650) and further in view of 
Levinson et al. (US Application Publication No. 20030053170). 

Regarding claim 1 1 . Colev . is silent in disclosing the method of claim 10, wherein 
using diagnostic tools to determine additional information about a source of the 
request for connection comprises using trace root diagnostic tools to determine 
Information about the source of the request for connection, however Levinson et 
aL does disclose network tools used in collection additional about a network 
(0008 - "network diagnostics"). It would have been obvious for one of ordinary 
skill In the art to modify the disclosed network diagnostic functions of Levinson et 
aL Into the specific network diagnostic tools mentioned within the claim language 
such as "trace root, NeStat (NS) lookup, ping, etc." It would have been obvious 
because one of ordinary skill in the art would know that the disclosed "network 
diagnostic" functions comprises these specifically mentioned tools. 
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Regarding claim 12 . Colev . discloses the method of claim 10, wherein using 
diagnostic tools to determine additional information about a source of the request 
for connection comprises using ping diagnostic tools to determine information 
about the source of the request for connection (Rejected under the same 
rationale as claim 1 1 ). 

Regarding claim 13 . Colev . discloses the method of claim 10, wherein using 
diagnostic tools to determine additional information about a source of the request 
for connection comprises using NS lookup diagnostic tools to determine 
Information about the source of the request for connection (Rejected under the 
same rationale as claim 11). 

Regarding claim 14 , Colev . discloses the method of claim 10, further comprising 
forwarding the additional information to a system administrator via electronic mall 
(0046 - "send a electronic message"). 

Regarding claim 22 . Colev . discloses the method of claim 15, further comprising 
using diagnostic tools to determine additional Information about a source of the 
data packet (Rejected under the same rational as claim 1 1 ). 



Regarding claim 23 . Colev . discloses the method of claim 22, wherein using 
diagnostic tools to determine additional information about a source of the data 
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packet comprises using trace root diagnostic tools to determine additional 
information about the source of the data packet (Rejected under the same 
rational as claim 1 1 ). 

Regarding claim 24 . Colev . discloses the method of claim 22, wherein using 
diagnostic tools to determine additional information about a source of the data 
packet comprises using ping diagnostic tools to determine additional information 
about the source of the data packet (Rejected under the same rationale as claim 
11). 

Regarding claim 25 . Colev . discloses the method of claim 22, wherein using 
diagnostic tools to determine additional information about a source of the data 
packet comprises using NS lookup diagnostic tools to determine additional 
information about the source of the data packet (Rejected under the same 
rational as claim 11). 

Regarding claim 26 , Colev , discloses the method of claim 22, further comprising 
forwarding the additional information to a system administrator via electronic mail 
(Rejected under the same rational as claim 1 1 ). 



Conclusion 
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5. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to CHINWENDU C. OKORONKWO whose telephone 
number is (571)272-2662. The examiner can normally be reached on MWF 2:30 - 6:00, 
TR 9:00-3:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nasser Moazzami can be reached on (571) 272 4195. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Nasser G Moazzami/ 
Supervisory Patent Examiner, Art 
Unit 2436 
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/C. C. 0.1 

Examiner, Art Unit 2436 



